This is located in /etc/hadoop/conf/xasecure-hdfs-security.xml on the namenode.
<property>
<name>xasecure.add-hadoop-authorization</name>
<value>true</value>
<description>
Enable/Disable the default hadoop authorization (based on
rwxrwxrwx permission on
the resource) if the XASecure Authorization
fails.
</description>
</property>
From: Trainee Bingo <[email protected]<mailto:[email protected]>>
Reply-To:
"[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Date: Wednesday, July 1, 2015 at 7:49 AM
To: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: Re: Ranger Policies are overridden by HDFS ACL's
Hi Selva,
Can u or anyone just help me out to get the XA configuration for changing the
default authorization in XASecure.
Thanks
On Wed, Jul 1, 2015 at 2:02 AM, Selvamohan Neethiraj
<[email protected]<mailto:[email protected]>> wrote:
Hi:
In XASecure, the XA authorizer is designed to delegate the authorization to
default HDFS authorization if XASecure policies are not granting access.
The fall back to default HDFS authorization can be stopped by changing a XA
configuration; However, our recommendation is not to change the specific
configuration.
Thanks,
Selva-
From: Trainee Bingo <[email protected]<mailto:[email protected]>>
Reply-To:
"[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Date: Tuesday, June 30, 2015 at 10:43 PM
To: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: Ranger Policies are overridden by HDFS ACL's
Hi Users,
I am using HDP 2.1 so I have XA Secure in it. I am trying some use cases over
user level and group level permissions , and I found that if we set the HDFS
ACL's using getfacl command the XA Secure Policies are overridden.
Can anyone pls help me out?????
